{"id":"serversideup-certbot-dns-cloudflare","name":"certbot-dns-cloudflare","af_score":36.2,"security_score":63.0,"reliability_score":36.2,"what_it_does":"certbot-dns-cloudflare is a Certbot DNS authentication plugin that automates DNS-01 challenges in Cloudflare by creating and removing the required TXT records so Let’s Encrypt certificates can be issued/renewed.","best_when":"You’re already using Certbot and need automated DNS-01 validation specifically for Cloudflare-managed DNS records (including wildcard certificates).","avoid_when":"You cannot grant the required Cloudflare DNS permissions to the credentials used by certbot, or you cannot run Certbot with the plugin on a system that can reach Cloudflare’s API.","last_evaluated":"2026-04-04T21:36:13.538583+00:00","has_mcp":false,"has_api":false,"auth_methods":["Cloudflare API token (DNS edit permissions) or Cloudflare API credentials as supported by the Certbot plugin","Using a credentials file configured for the plugin"],"has_free_tier":false,"known_gotchas":["This is a local Certbot plugin (invoked by Certbot) rather than a standalone network API; agent integration is mainly via running/templating certbot CLI and handling credentials/ENV files.","DNS-01 depends on propagation timing; transient failures may occur if TXT records are not visible yet.","Correct cleanup of TXT records is critical; if runs are interrupted, stale records may remain."],"error_quality":0.0}